mirror of
https://github.com/gravitl/netmaker.git
synced 2024-09-20 15:26:04 +08:00
define user roles
This commit is contained in:
parent
7e0be14892
commit
33375bba0f
|
@ -1 +1,52 @@
|
|||
package logic
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
|
||||
"github.com/gravitl/netmaker/database"
|
||||
"github.com/gravitl/netmaker/models"
|
||||
)
|
||||
|
||||
// Pre-Define Permission Templates for default Roles
|
||||
var SuperAdminPermissionTemplate = models.UserPermissionTemplate{
|
||||
ID: models.SuperAdminRole,
|
||||
Default: true,
|
||||
DashBoardAcls: models.DashboardAccessControls{
|
||||
FullAccess: true,
|
||||
},
|
||||
}
|
||||
var AdminPermissionTemplate = models.UserPermissionTemplate{
|
||||
ID: models.AdminRole,
|
||||
Default: true,
|
||||
DashBoardAcls: models.DashboardAccessControls{
|
||||
FullAccess: true,
|
||||
},
|
||||
}
|
||||
|
||||
var NetworkAdminPermissionTemplate = models.UserPermissionTemplate{
|
||||
ID: models.NetworkAdmin,
|
||||
Default: true,
|
||||
DashBoardAcls: models.DashboardAccessControls{
|
||||
NetworkLevelAccess: make(map[models.NetworkID]models.NetworkAccessControls),
|
||||
},
|
||||
}
|
||||
|
||||
var NetworkUserPermissionTemplate = models.UserPermissionTemplate{
|
||||
ID: models.NetworkUser,
|
||||
Default: true,
|
||||
DashBoardAcls: models.DashboardAccessControls{
|
||||
DenyDashboardAccess: true,
|
||||
NetworkLevelAccess: make(map[models.NetworkID]models.NetworkAccessControls),
|
||||
},
|
||||
}
|
||||
|
||||
func init() {
|
||||
d, _ := json.Marshal(SuperAdminPermissionTemplate)
|
||||
database.Insert(SuperAdminPermissionTemplate.ID.String(), string(d), database.USER_PERMISSIONS_TABLE_NAME)
|
||||
d, _ = json.Marshal(AdminPermissionTemplate)
|
||||
database.Insert(AdminPermissionTemplate.ID.String(), string(d), database.USER_PERMISSIONS_TABLE_NAME)
|
||||
d, _ = json.Marshal(NetworkAdminPermissionTemplate)
|
||||
database.Insert(NetworkAdminPermissionTemplate.ID.String(), string(d), database.USER_PERMISSIONS_TABLE_NAME)
|
||||
d, _ = json.Marshal(NetworkUserPermissionTemplate)
|
||||
database.Insert(NetworkUserPermissionTemplate.ID.String(), string(d), database.USER_PERMISSIONS_TABLE_NAME)
|
||||
}
|
||||
|
|
|
@ -2,6 +2,7 @@ package models
|
|||
|
||||
type NetworkID string
|
||||
type RsrcID string
|
||||
type UserRole string
|
||||
|
||||
const (
|
||||
HostRsrc RsrcID = "host"
|
||||
|
@ -11,8 +12,20 @@ const (
|
|||
EgressGwRsrc RsrcID = "egress"
|
||||
)
|
||||
|
||||
// Pre-Defined User Roles
|
||||
|
||||
const (
|
||||
SuperAdminRole UserRole = "super_admin"
|
||||
AdminRole UserRole = "admin"
|
||||
NetworkAdmin UserRole = "network_admin"
|
||||
NetworkUser UserRole = "network_user"
|
||||
)
|
||||
|
||||
func (r UserRole) String() string {
|
||||
return string(r)
|
||||
}
|
||||
|
||||
type NetworkRsrcPermissions struct {
|
||||
All bool `json:"all"`
|
||||
Create bool `json:"create"`
|
||||
Read bool `json:"read"`
|
||||
Update bool `json:"update"`
|
||||
|
@ -26,11 +39,13 @@ type NetworkAccessControls struct {
|
|||
}
|
||||
|
||||
type DashboardAccessControls struct {
|
||||
FullAccess bool `json:"full_access"`
|
||||
NetworkLevelAccess map[NetworkID]NetworkAccessControls `json:"network_access_controls"`
|
||||
FullAccess bool `json:"full_access"`
|
||||
DenyDashboardAccess bool `json:"deny_dashboard_access"`
|
||||
NetworkLevelAccess map[NetworkID]NetworkAccessControls `json:"network_access_controls"`
|
||||
}
|
||||
|
||||
type UserPermissionTemplate struct {
|
||||
ID string `json:"id"`
|
||||
ID UserRole `json:"id"`
|
||||
Default bool `json:"default"`
|
||||
DashBoardAcls DashboardAccessControls `json:"dashboard_access_controls"`
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue